Merge branch 'codeql-python' of https://github.com/GitHubSecurityLab/seclab-taskflows into codeql-python

sylwia-budzynska · sylwia-budzynska · commit 009c3a2cb1bc · 2025-12-03T10:13:13.000Z
diff --git a/src/seclab_taskflows/mcp_servers/codeql_python/codeql_sqlite_models.py b/src/seclab_taskflows/mcp_servers/codeql_python/codeql_sqlite_models.py
@@ -21,6 +21,5 @@ class Source(Base):
 
     def __repr__(self):
         return (f"<Source(id={self.id}, repo={self.repo}, "
-                f"location={self.source_location}, type={self.type}, "
-                # f"line={self.line},",
+                f"location={self.source_location}, line={self.line}, source_type={self.source_type}, "
                 f"notes={self.notes})>")
diff --git a/src/seclab_taskflows/mcp_servers/codeql_python/mcp_server.py b/src/seclab_taskflows/mcp_servers/codeql_python/mcp_server.py
@@ -9,7 +9,7 @@
     filename='logs/mcp_codeql_python.log',
     filemode='a'
 )
-from seclab_taskflow_agent.mcp_servers.codeql.client import run_query, file_from_uri, list_src_files, _debug_log, search_in_src_archive
+from seclab_taskflow_agent.mcp_servers.codeql.client import run_query, _debug_log
 
 from pydantic import Field
 #from mcp.server.fastmcp import FastMCP, Context
@@ -103,7 +103,7 @@ def store_new_source(self, repo, source_location, line, source_type, notes, upda
 
     def get_sources(self, repo):
         with Session(self.engine) as session:
-            results = session.query(Source).filter_by(repo=repo).all()
+            results = session.query(Source).filter_by(repo = repo).all()
             sources = [source_to_dict(source) for source in results]
         return sources
 
@@ -208,7 +208,7 @@ def clear_codeql_repo(owner: str, repo: str):
     """
     repo = process_repo(owner, repo)
     with Session(backend.engine) as session:
-        deleted_sources = session.query(Source).filter_by(repo=repo).delete()
+        deleted_sources = session.query(Source).filter_by(repo = repo).delete()
         session.commit()
     return f"Cleared {deleted_sources} sources from repo {repo}."
 
diff --git a/src/seclab_taskflows/taskflows/audit/remote_sources_local.yaml b/src/seclab_taskflows/taskflows/audit/remote_sources_local.yaml
@@ -59,11 +59,11 @@ taskflow:
       repeat_prompt: true
       max_steps: 100
       name: source analysis
-      description: Identify actions that untrusted users are allowed perform the source.
+      description: Identify actions that untrusted users are allowed to perform on the source.
       agents:
         - seclab_taskflows.personalities.auditor
       user_prompt: |
-        The source is a {{ RESULT_type }} in {{ RESULT_repo }} in the location {{ RESULT_source_location }} on line {{ RESULT_line }}.
+        The source is a {{ RESULT_source_type }} in {{ RESULT_repo }} in the location {{ RESULT_source_location }} on line {{ RESULT_line }}.
         If the source is in a folder relating to tests or demo code, skip the analysis and update the source entry in the codeql_sqlite database indicating it is not relevant.
         Analyze what the source endpoint is used for.
         If it is a web endpoint, identify the routing path that reaches this source, HTTP method,
